Idira IGA Reviews

The main use cases for CyberArk IGA Powered by Zilla include onboarding users when they are being recruited, as well as managing the moving and exiting processes. When a user like James moves from department A to department B, the IT team no longer needs to manually change roles and permissions to the resources James has access to. Instead, the system automatically provisions James with the new role he has been appointed with. Similarly, when James leaves the organization, all his privileges and resources are automatically revoked without the need to search and manually remove each access point.

Users also want to have a single sign-on capability so they do not have to log into multiple applications. They can sign in once and have access to all their applications such as Outlook, Salesforce, CRM solutions, and ERP solutions without logging in individually. The system logs them in automatically to each application.

Additionally, CyberArk IGA Powered by Zilla helps users work from anywhere, regardless of their location or country. Users do not need to be in their office geo-location to access applications or resources, which provides flexibility for accessing applications wherever they are. Furthermore, if an account gets locked, users can reset their password themselves by answering security questions instead of going through the admin process for approval and re-enabling the account.

CyberArk has a plethora of solutions including PAM, IGA, Secrets Management, and Remote Access. I personally participate in the deployment process.

The deployment time for CyberArk IGA Powered by Zilla is based on the size of the organization, whether it is an enterprise organization or a small medium business. For an organization looking at 1,005 to 2,000 users, the process begins with a scoping phase where information is gathered from the customer, which typically takes two to three days for the customer to populate the documentation. After the customer submits the scoping documents, I and the customer review what they submitted. Once the review is complete, we conduct a kick-off meeting and provide the project timelines to both the customer project manager and our project manager. The entire process should fall within four to five weeks, approximately one month to one month and a week. During the fourth week, the system is fine-tuned. The fifth week involves training and user acceptance testing (UAT) with the customer to confirm that what was requested has been delivered as promised. After UAT, the solution is handed over to the customer.

The challenges I face with the implementation of CyberArk IGA Powered by Zilla involve legacy applications and legacy systems, which sometimes present issues. Additionally, custom-built APIs that are not properly structured can be problematic, though CyberArk can help redefine them according to the customer's demands.

Integrating CyberArk IGA Powered by Zilla with banking applications such as T24 is very tough to accomplish. When working with the T24 core banking application, the T24 support team is not able to assist much, so I have to find a way to fix the issue myself. The difficulty is not related to the price but rather to the technical integration challenges with these specialized banking systems.

I have worked with CyberArk IGA Powered by Zilla for the past three years, and I have worked with PAM for six years.

The primary issue I have experienced with CyberArk IGA Powered by Zilla is related to support. Getting the right support in the right jurisdiction is somewhat challenging. Although CyberArk has resource people to work with, the time to resolve issues is problematic. When I send a request, they respond, but getting an actual time slot to work with the customer to resolve the issue sometimes delays. Occasionally, the customer becomes frustrated and seeks support from us, and we experience issues with the first level of support they receive. I rate CyberArk support at a six out of ten.

I personally participate in the deployment process.

CyberArk IGA Powered by Zilla is expensive compared to One Identity IGA and BeyondTrust.

CyberArk IGA Powered by Zilla is expensive when compared to One Identity IGA and BeyondTrust. My overall review rating for this product is an eight out of ten.

My main use case for CyberArk IGA Powered by Zilla is that it provides the platform which helps to improve our governance and the provisioning technology, and it also strengthens my identity lifecycle and compliance portfolio.

A specific example of how I use CyberArk IGA Powered by Zilla in my daily work is that it has the identity governance modernization which helps to improve my organization, provides user automation, and assists significantly with compliance and audit, least privilege enforcement policies, and automates the joiner or leaver process of particular employees.

CyberArk IGA Powered by Zilla offers best features including AI-driven identity governance, automated provisioning and de-provisioning, access review and compliance, cloud-native architecture, and lifecycle management, particularly identity lifecycle management.

The cloud-native architecture and automated provisioning features of CyberArk IGA Powered by Zilla help me a lot, especially to the HR department, when any employee comes into our organization or leaves; it automatically provides the proper access to them depending upon their designation and name, and it also automates the necessary credential management when employees leave.

CyberArk IGA Powered by Zilla has positively impacted my organization through the collection of audit evidence, the compliance workflow, and user access reviews, which helps me significantly.

There are no additional improvements needed at this time.

I have been working in my current field for two years.

CyberArk IGA Powered by Zilla is stable.

For the scalability of CyberArk IGA Powered by Zilla, I would rate it a nine.

I would say the customer support for CyberArk IGA Powered by Zilla is responsive.

I would rate the customer support a nine.

I don't have clarity on previous solutions because I came in two years ago, and at that time CyberArk IGA Powered by Zilla was being deployed; as far as I know, there was no software present prior.

We directly went for CyberArk IGA Powered by Zilla.

It took me within three days to deploy CyberArk IGA Powered by Zilla from setup to initial go-live by deploying the base policies, and later on, we modified according to our needs.

The deployment was significantly quicker compared to past solutions.

An example of how automation with CyberArk IGA Powered by Zilla reduced time or effort for my team is that whenever a user is onboarding, it automatically chooses their role and applies the policies-based automation within a fraction of seconds, eliminating the need for manual intervention.

My team spends significantly less time on access reviews and evidence collection compared to before.

CyberArk IGA Powered by Zilla has helped me a lot and constitutes a return on investment as well, but I cannot provide more details because I am from the technical department.

The pricing, setup cost, and licensing were taken care of by the administration, so I do not have information about those details.

I did not purchase CyberArk IGA Powered by Zilla through the AWS Marketplace.

CyberArk IGA Powered by Zilla is from a different vendor.

So far, everything is working well for me, and anything on the roadmap is definitely always welcome.

There is nothing to advise about CyberArk IGA Powered by Zilla; if you are aware of this particular solution, you have to check it out.

I would rate this review a ten.

We are a financial services company that's regulated by the FDIC, so we must complete a SOC 2 report showing evidence that we regularly review our high-risk applications. 

The solution has been a lifesaver. It has given us a unified platform that allows us to easily demonstrate what we need to do regarding user access reviews for compliance. 

Before Zilla, we were using fairly complicated spreadsheets, and it took a long time for the information security team to update these and send them to the business lines every quarter. We wanted something that was automated and easier for the business lines to review. Ultimately, it ended up saving the InfoSec team 60 hours per quarterly review and the business lines well over 100 hours. 

We had these spreadsheets all over the place, but now we have a library of evidence to consult when needed. Zilla keeps everything in one place. It's not scattered all over anymore. 

Because we must adhere to the SOC 2 framework, we need to manage our user permissions to the least privileged level. Since the spreadsheets were so complicated, many people rubber-stamped permissions. They weren't going to dive into this rat's nest, so they would just say everything is fine. With Zilla, people were able to see more clearly into their permissions, and I feel confident that we're drilling down and adhering to the least privileged rule. 

The manual work needed to track everything on spreadsheets was becoming unsustainable as we added applications. We can import permissions directly into Zilla instead of juggling the data and massaging it so it fits into the spreadsheets. It's probably saved my team about 40 hours per quarter.

Zilla saves us money. We did some calculations during the first quarter and found that some people doing user access reviews were at the VP level, so their time is worth a ton of money. We also found that these folks were spending unnecessary time combing through these spreadsheets. Something that typically took an hour could be completed in 15 minutes with Zilla. 

The interface is highly intuitive, and that helps in many ways because we don't need to explain things to the business lines. It's much easier than other identity and management tools. We were looking for something clear-cut that makes sense to non-technical people. It has greatly improved the controls on our audit procedures by giving people something that's clean and makes sense.

It's extremely important that Zilla provides us with a single pane of glass. When the FDIC asks us for a review, it's easier to have it in one portal than to go to all these spreadsheets scattered over SharePoint. Spreadsheets can also be manipulated, but Zilla has an audit trail that we can follow and show without a doubt that we've done what was required. 

Maybe this is coming with their AI module, but I would like to see a feature that performs baseline analysis of permissions that may not fit into a role, and it attempts to group them into a role. We've run into problems with applications where someone has not created a role but assigned ad hoc permissions to a user. We still need to do some manual work to identify the group that the user belongs to. It would be amazing to have Zilla streamline that. 

I have used Zilla for a year and a half. 

Zilla is highly stable. We've had zero problems with it. 

When we were using spreadsheets, we reviewed about eight applications, but since we added Zilla, we've scaled up to more than 40 and we continue to add to it quarterly.

I haven't needed support since the initial setup, but we have a monthly meeting with our customer success rep. We discuss our needs and upcoming features on the roadmap.

I have seven years of experience with SailPoint. It had the role-analysis feature and was a full-blown IAM solution, but we were looking for something we could use of the InfoSec team and GRC specifically that would enable us to do user access reviews. If I did an apples-to-apples comparison between Zilla and SailPoint regarding user access reviews, I would say Zilla comes out ahead for intuitiveness. It's easier to import permissions and it's simpler for non-technical people to use.

We use a tool called Saviynt that's run in-house by our identity access and management department. That also has user access management, but they hope to move away from it because support hasn't been great. Rather than wait for the IAM team, we decided to go for our own solution. While doing a deep dive into Saviynt, we came across Zilla. Our IAM team told us that if we wanted to switch, it would take only a week or two to get it set up. 

Deploying Zilla was easier than I expected, based on my experience with SailPoint and Saviynt. With those, it was an arduous process. The initial deployment was short, but it took us a quarter to get the solution up to usability. It doesn't require much maintenance aside from regularly updating permissions. It's more administration than maintenance. 

We received support from Zilla's team, which was very helpful. 

The Zilla license is what we expect to pay for a product like this. 

I rate Zilla Security nine out of 10. I recommend that new users follow the advice of their solution engineer. They knew what they were doing and guided us through the installation. 

We use the tool for access reviews. It is mainly for our regulatory SOX compliance. That was the main use case, and why we purchased Zilla back at the end of 2021.

The system is pretty self-explanatory and easy to use. It is menu-driven. You can certainly hide the menu and go with icons that describe the menu items. It is easy to locate the things or categories that you need.

They are getting there in terms of the unified identity platform. We were one of the early adopters of Zilla, and I have seen it grow over the past couple of years. They are innovative and forward-thinking in their enhancements and development of the tool. They are adding things onto the tool to expand what it can do, whether it is additional application APIs or security findings and policies. 

I don't know if it has helped to consolidate applications, but it has made it easy to implement access reviews for critical applications. Previously, there was no process at all for an access review. It was a manual process, and now we have been able to automate it. We have not utilized everything that Zilla can do now to its complete ability. We are still growing in terms of the opportunities in the system.

We have looked at some of the policy-based information provided in Zilla but have not yet fully utilized it. I do look at some of the critical policies relevant to our environment that may pop up, and try to utilize them, such as if a terminated privileged user still has access to some systems. Whether that is true or false, it gives me that identification. I can then explore and validate if it is still true or not.

There are prebuilt APIs for many well-known applications. We have a few applications for which they have prebuilt their APIs. Others in our environment require the use of a CSV file upload to import user lists, which Zilla makes easy to do.

For our use case, when we initially purchased it, we did see the benefit right away or within the first few months of using it.

Zilla Security has helped improve controls when automating manual work. Some of these review processes were nonexistent or manual spreadsheet-based types of interactions. Being able to automate the process was a key factor.

Zilla Security has enabled me and one colleague to do more with less. It may have freed up some time for the business users, but it has enabled my smaller team to accomplish a lot more. 

I am sure Zilla Security has helped us save costs. We have been able to use limited resources to do more. We have not had to increase the team to manage the access reviews we perform. I haven't put a quantitative number on savings, but it has streamlined processes.

I enjoy the ease of setup and creation of a review. Being a user of the tool or an admin of the tool, the ease of setup of an access review is valuable. End users find out, after they complain about having to do it, how simple and easy it was for them to complete their reviews. It's as simple for them to click on a link in an email, check a few boxes, and submit their review. I tell most reviewers that the process of review, depending on the number of items reviewed, can take you less than 5 minutes to complete. 

The ability to sync applications via an API on a scheduled basis, if you choose, it also valuable in time savings because a admin doesn't have to remember to login and perform the function. 

There is still no automated way to de-provision access due to a review completion, but they are getting there in terms of making it unified.

Right now it is just a one-way integration, importing user lists. I believe they working on it. I can pull a user list in, but when I do a review, the results get sent to a ticket which requires a person to execute. As a result of the review, there is no automation for the removal of access. They are going there, and the next step is to continue to streamline the process operationally and resource-wise. The review process is great. The scope for improvement is more at the results end. It would be great if it could systematically communicate with that end system and remove the requested access automatically.

We first started using it in 2021.

We have had lagging-related issues on very rare occasions accessing the system pages, but I cannot say if it was on the Zilla side or our own network side. If there is a major issue, which over the past 2.5 years I can only think of 1, Zilla proactively communicates that they know about and are working on. 

We have applications with 50 users in them, and we also have applications with 4,000 users that we review. It scales well across all of those applications. 

I have contacted them a bunch of times. They react pretty quickly and they respond fast to take care of things or inquire for clarification of what the issue may be. I have had positive responses from the support team and I would rate them a nine out of ten.

Positive

We have not used any other solution besides spreadsheets. I have seen other tools in my career and would say that Zilla still seems the simplest to use and setup when it comes to the review process. 

Zilla is a cloud-based solution. It was fairly easy to set up. We had to pick a primary directory or source of truth for users. 

If you have applications that they don't currently have APIs for, it is a manual input process. But once you have done a manual input file once or twice, it is fairly easy to use.

We purchased Zilla at the end of October or November of 2021. I had it up and running our first access review within a month.

One key is the need for collaboration with others who own applications. One or two people could manage the system, but you have to have that collaboration with others.

In terms of maintenance, I would say that the system mostly can maintain itself. I would call myself the admin user of the system. I am in it every day. I keep an eye on certain things, especially scheduled APIs to ensure they execute.

We implemented it in-house with our teams and Zilla. 

It has been fair because we have been in from the beginning or close to the beginning. I know it is not truly an identity access management system yet, but its price was one of the appealing factors for us to purchase it at the time. It was reasonably priced.

We did not, mainly based on the size of our organization at the time. 

I would advise knowing the source of truth that you are going to use upfront. If you need to change, that can be more complicated. Educating end users is always the biggest challenge with any process, but spending time to learn it is worth it.

I would rate Zilla Security a nine out of ten. It has been very easy to use. I have liked working with their team on different things, and they are very responsive.